tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 55599] 403 error on Manager when using NonLoginAuthenticator disableProxyCaching="false" on conetxt.xml
Date Thu, 26 Sep 2013 17:54:48 GMT

--- Comment #2 from Matafagafo <> ---
(In reply to Mark Thomas from comment #1)
> Given that the manager requires users to be authenticated, a 403 response
> seems entirely reasonable.
> It isn't clear what you aretrying to achieve by configuring the
> NonLoginAuthenticator, nor where you doing this (context.xml is not specific
> enough). Either way, the users list is the place to go to seek further help.

Let me explain.
My application needs to be accessed thru SSL, so I configured a "Protected
Context" for it in Tomcat web.xml file, as You can se bellow

            <web-resource-name>Protected Context</web-resource-name>
        <!-- auth-constraint goes here if you requre authentication -->

It worked, but as a side effect Tomcat started to set "Cache-Control" HTTP
header in responses as "private". With this my application stop to use browsers
local cache.

To solve this I configured NonLoginAuthenticator disableProxyCaching="false" in
Tomcat context.xml and the "Cache-Control: private" problem is solved.
But with this config I can't access Tomcat Manager anymore !

Because of this I filed this bug, it appears to me that should be a way to
access the Manager in this situations.

You are receiving this mail because:
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message